palmitosicoaraci.com.br/T-online
172.106.0.110 301 Moved Permanently 707 B URL HTTP/1.1 palmitosicoaraci.com.br/T-online
IP 172.106.0.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /T-online HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 08 Nov 2022 02:50:09 GMT
server: LiteSpeed
location: https://palmitosicoaraci.com.br/T-online
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5021
Expires: Tue, 08 Nov 2022 04:13:51 GMT
Date: Tue, 08 Nov 2022 02:50:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5570
Cache-Control: max-age=119637
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:10 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 12:04:07 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2352
Cache-Control: max-age=116420
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:10 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:10:30 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11237
Expires: Tue, 08 Nov 2022 05:57:28 GMT
Date: Tue, 08 Nov 2022 02:50:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: spc75RdG91gDNieLzQtw4qeOOIv5+o/Wu0JC4aoNuS6362pjPQWH6mNOHEI9xTc3VYmwuoEAspi13Rz0buUGWg==
x-amz-request-id: 23TQBBNTXEGEGEW6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 02:48:20 GMT
age: 111
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 02:50:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0/css/all.min.css
104.17.24.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.0/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (56331)
Hash 504d3db17059beb7c9278d8519c94752
291ad53bb1ac4932600bfb4488c56bc55e4db9b1
53ada737b0df4fdeeb9859542a1f458196dec7829cd87b3c9b9d7b0c58ba0310
GET /ajax/libs/font-awesome/5.10.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:11 GMT
content-type: text/css; charset=utf-8
content-length: 9974
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-dcc5"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13321766
expires: Sun, 29 Oct 2023 02:50:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0rYofSd28fKlI%2Bay1mmphpto1eQ6fTDej8w6y8CSF6VsQLR0yIHunPoZQPlbCabtkthbbBb8eQFgzCs8mGF%2B0EhgB14FL3%2FJ0R%2FvuBduwB6cNVsEaG7%2F%2FCQ6QoLNcgZTKtBWBou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 766affefbf6a0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: max-age=113016
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:11 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:13:47 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
code.jquery.com/jquery-3.4.1.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:11 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1667875811.dop017.sk1.t,1667875811.cds263.sk1.hn,1667875811.cds201.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js
151.101.85.229 200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash daa80660d5766073c0be83d6419a3411
1995a34ba3db0fcf5b8bae8b2a1cdd8cbee57e9a
6863336e8f0c91e087d618fb05d13f05894e005447f740b70b084a1426466a32
GET /npm/bootstrap@5.0.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.0
x-jsd-version-type: version
etag: W/"13731-2JYXAt9UqpcPHzAIfI0LH2lnx4Q"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 08 Nov 2022 02:50:11 GMT
age: 2424296
x-served-by: cache-fra19157-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22435
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css
151.101.85.229 200 OK 8.8 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css
IP 151.101.85.229:0
Hash 5813a944575a76776931431ffde6693f
865909634bd204fb4b0c654543fabe87209bdf26
9e3f7c85a1d0099f7f50b05e7e6934129fe6d108d783d34bd599812c53be4eac
GET /npm/bootstrap-icons@1.4.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.4.1
x-jsd-version-type: version
etag: W/"f8b2-v7ZMVELJO4O8jF4rcNGwrm8YAaE"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 08 Nov 2022 02:50:11 GMT
age: 7252966
x-served-by: cache-fra19141-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8844
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/bootcss/reset.css
172.106.0.110 200 OK 3.0 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/bootcss/reset.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (331)
Hash f3f53c0d4582e0f26404c3d2a408a101
d389b2a45dd8a24e36a21c8aa74f61138e213751
66358a916a6a4d582580eed5de30019efcaa5a8530429907a23953cc66685102
GET /_cdn/bootcss/reset.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 30 Mar 2021 19:20:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2977
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/T-online
172.106.0.110 200 OK 7.7 kB URL HTTP/2 palmitosicoaraci.com.br/T-online
IP 172.106.0.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469), with CRLF, LF line terminators
Hash f91ba0fda99d76aef33f0ded03a1df99
08f5c656f2c74a070b64d9a15970a9b120a1c826
52e957046a0776b656ae387bfc01f399891dfbf4f359a0d9f713dec62e2f891f
Analyzer Verdict Alert fortinet Phishing
GET /T-online HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; path=/; secure
set-cookie: userView=palmitos; expires=Wed, 09-Nov-2022 02:50:10 GMT; Max-Age=86400; path=/; secure
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
151.101.86.133 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 151.101.86.133:0
Hash 321ce3a2f4d42940ef412fd008f95409
a4aca987a6c7f79e88dfef8c1bcc2326cb899be9
5c4c561a0290f3b3fdf357cbe9e773fa6f9726b4c0becbe422bde5ede22b9de9
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "79A20FB2D7748C18998DE7B4A455D71CA298872B"
Expires: Tue, 08 Nov 2022 14:00:00 UTC
Last-Modified: Tue, 08 Nov 2022 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Tue, 08 Nov 2022 02:50:11 GMT
Via: 1.1 varnish
Age: 2148
X-Served-By: cache-bma1668-BMA
X-Cache: HIT
X-Cache-Hits: 7
X-Timer: S1667875812.909306,VS0,VE0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
palmitosicoaraci.com.br/themes/pamar/lib/animate/animate.min.css
172.106.0.110 200 OK 2.5 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/animate/animate.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (16755)
Hash 8749712e65b163c12306df7f1e7d1261
29347292299cd3a5d207e05c711c66fa20333b96
6042228bdd632754cb22416d37bdc8e8dc62df670899b01b9bd406e442d16441
GET /themes/pamar/lib/animate/animate.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2501
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css
172.106.0.110 200 OK 789 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (2846)
Hash f28411148e2c4159c779ed6cb9060a03
3e28a7725e7dec0a774b30f749ccc2f4664cc03b
5e569c50803725ebc0c486d05135852e56a7b8b320c9cf6cfe3b201965de0004
GET /themes/pamar/lib/owlcarousel/assets/owl.carousel.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 789
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css
172.106.0.110 200 OK 1.4 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (836)
Hash 29842a8c7914e5bcb26c39f8be405856
0ff1fe917ecc77f945f6b59b7a7e15b624b36c7b
a80610ce8e9bcb5f8ed5c86a13a5aa384f33943a56358fa4834bf79c1cb10f32
GET /themes/pamar/lib/tempusdominus/css/tempusdominus-bootstrap-4.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1447
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/css/style.css
172.106.0.110 200 OK 1.6 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/css/style.css
IP 172.106.0.110:0
Hash 78ba9e845c33461ec91b5f0a33ebf32f
63450b4b3c5660a41ca2bf019b92e7017ab2e265
fe16038bb148d4211839fd72d70e96ed9a6148655124b95c51e1270041fd2e35
GET /themes/pamar/css/style.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 23 Aug 2022 19:04:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1580
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/css/whatsapp.css
172.106.0.110 200 OK 1.1 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/css/whatsapp.css
IP 172.106.0.110:0
Hash 985b832ebc38c5e0a3bce4a48ff6695c
ad77e54ba86daa46558e7d3401b48df2d4a0c7b1
51377f27bc6f5c479622cc0dece586601ae7e27a9c4ba340831e9fac24b4c3bf
GET /themes/pamar/css/whatsapp.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: text/css
last-modified: Wed, 24 Aug 2022 14:48:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1133
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/workcontrol.js
172.106.0.110 200 OK 1.6 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/workcontrol.js
IP 172.106.0.110:0
Hash e30f7e4b419c12a9e1e75ae21ee90ca0
0a3ad129938333b08a896f144e57cf5629cd6f74
cf522c88c50a3d8bdce0fc755277998ebc5e40b8be4d6dfd78a4daa720e206d4
Analyzer Verdict Alert fortinet Phishing
GET /_cdn/workcontrol.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 22:30:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1641
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.242.41.15 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xkePFbc6M2xE/jvZfTo7fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3RhFDXn8VKh7IEz8jFGgBRd1mik=
palmitosicoaraci.com.br/themes/pamar/css/bootstrap.min.css
172.106.0.110 200 OK 21 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/css/bootstrap.min.css
IP 172.106.0.110:0
File type ASCII text, with very long lines (65326)
Hash 28440b0d7108ab149ba0758f9d8ee9fa
8a425e3cddf0a03336c8d9d9b4beba400f4e441f
c3d353bcb294f127bc81e8ccafe3d9277bc42ca6ae6f5178aeae6b2d3c723c55
GET /themes/pamar/css/bootstrap.min.css HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:10 GMT
content-type: text/css
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20716
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/_cdn/jquery.js
172.106.0.110 200 OK 32 kB URL HTTP/2 palmitosicoaraci.com.br/_cdn/jquery.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32046)
Hash 2f700400f1a3e5f1e01c4ec019de6c13
e278d2d4c8a748218a70c8d00658bead97ffa6bf
d54f279c3c1537c9cd32c63ea5f67a116ae28f06b36b15598a2e78a071db4667
Analyzer Verdict Alert fortinet Phishing
GET /_cdn/jquery.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: application/javascript
last-modified: Sun, 08 Oct 2017 04:53:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32371
date: Tue, 08 Nov 2022 02:50:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221667874118155%22
34.102.187.140 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221667874118155%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators
Hash e2bcf942c8cf08ba66e616d26c8413bb
f8f64f195762b5ea2681d30f98d07001e4aa6baa
805440f993b9060f5394a4a827054e7824e42bff285ec9344774345381bb1656
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221667874118155%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Tue, 08 Nov 2022 02:27:23 GMT
cache-control: public,max-age=3600
last-modified: Tue, 08 Nov 2022 02:21:58 GMT
content-type: application/json
age: 1369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667846237618&_since=%221666204638208%22
34.102.187.140 200 OK 5.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667846237618&_since=%221666204638208%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (5283), with no line terminators
Hash b1527b2dfad8b6b174df5f7cb784e744
7aaebfda17cab462811ba4cc57607e0cac3b5b24
6c65bb89154b3940f2d844f9e26361ea35ae2d1b2965a6c73bdf7a34c386fbb4
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1667846237618&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5283
via: 1.1 google
date: Tue, 08 Nov 2022 02:50:06 GMT
cache-control: public,max-age=3600
age: 6
last-modified: Mon, 07 Nov 2022 18:37:17 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash c22da7ef9d9661440ea75c23cb583813
45e567955ce3901a1f2d723fdab3c607f7419dd9
2499384fa96f3b1644f5ff8ec2f7a058f5e9b516684e89eb3ff1a1a3060ff053
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-09-20-34-00.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: hl5ewqx/NDQFMqZSU4vN6pVRG3kcuQZ5B6eMUp5gu4c5QoQl3XxWIY0C9Z/XVPyu+Jdtam2tLfU=
x-amz-request-id: MFCH10JDER8ETSDY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 02:50:10 GMT
age: 2
last-modified: Thu, 20 Oct 2022 20:34:01 GMT
etag: "c22da7ef9d9661440ea75c23cb583813"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667865664021&_since=%221666483264567%22
34.102.187.140 200 OK 57 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667865664021&_since=%221666483264567%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (56883), with no line terminators
Hash 45f1195567ab685619bd98876f4b228c
86f5ed7c26ccf0a591f04e8588a14d8c9a335c8b
387d86cab7b854a9a1c7817f8d93018cc1c5446bb42c1747509dd797e1bde2cf
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1667865664021&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 56883
via: 1.1 google
date: Tue, 08 Nov 2022 02:17:59 GMT
cache-control: public,max-age=3600
age: 1933
last-modified: Tue, 08 Nov 2022 00:01:04 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667859140556&_since=%221666279968541%22
34.102.187.140 200 OK 11 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667859140556&_since=%221666279968541%22
IP 34.102.187.140:0
File type ASCII text, with very long lines (11075), with no line terminators
Hash 9e977ae8cb41d856a83b217c26cd49ed
d0d749465048da0d9dd2f413c07c420751cc7d01
7f727ba9a0c387a76e301415a231af9b4873e9621d30fb19172ba0e804d5e334
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1667859140556&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 11075
via: 1.1 google
date: Tue, 08 Nov 2022 02:21:45 GMT
cache-control: public,max-age=3600
age: 1707
last-modified: Mon, 07 Nov 2022 22:12:20 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22
34.102.187.140 200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1300), with no line terminators
Hash c7e9f96e1a2142cb3ec17a1db32add0d
866196b5baab2194581407bdd1297f1934941675
81eb7fe101ad6a8966865dec8d3e0f73b7b81a8b519cb8cfc8abc1846e4c82b9
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1667225520937&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1300
via: 1.1 google
date: Tue, 08 Nov 2022 02:28:31 GMT
cache-control: public,max-age=3600
age: 1301
last-modified: Mon, 31 Oct 2022 14:12:00 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
34.102.187.140 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1504), with no line terminators
Hash f8887f4ce8d60a19bc767a27c5aa7a20
4313dbbfa5738ece2219fe88d04c2c7dfae10bfa
8530d746dc49555caa17334b90bf713d67a60f428817c0065792446051632f18
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1504
via: 1.1 google
date: Tue, 08 Nov 2022 01:57:06 GMT
cache-control: public,max-age=3600
age: 3186
last-modified: Thu, 27 Oct 2022 18:14:21 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
34.102.187.140 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators
Hash 1971557ee32481ccb55dd637b351b263
be18a39de55151bb40ab40c95de41468fa47b8a2
cfffc68c1707cfbf7e93112696e899f31e4473c82130180e5767b4889e6c62ee
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1719
via: 1.1 google
date: Tue, 08 Nov 2022 01:58:03 GMT
cache-control: public,max-age=3600
age: 3129
last-modified: Mon, 31 Oct 2022 17:42:02 GMT
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12627
Expires: Tue, 08 Nov 2022 06:20:40 GMT
Date: Tue, 08 Nov 2022 02:50:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71473fb15e07b9c973e7368bdd2c2eb7
e5e369ed7b77ff7639bffc16da2f2ca6c035421c
a7e72e22f9d0204e2be1f21fe1c66c8469c5b14ef3b4c64f3cf2335ba5365618
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a2bb539-06cb-47fd-8d3c-7043929bfeaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9336
x-amzn-requestid: fb33f029-9d6c-40df-aab2-bdb139d8dedb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKOGdEIAMFujA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-53c235ce324b4e896b401a40;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zP8bp-rTtlDnlSAnPdZNJL19gSEfS9HmA9WUgNx4jku9i1zoahW-og==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 18612
etag: "e5e369ed7b77ff7639bffc16da2f2ca6c035421c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8741ea01-6829-4b7c-a14e-c14c2134d6ca.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8741ea01-6829-4b7c-a14e-c14c2134d6ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17911ced5822253969e1e3c1743b3ab0
9ca921755116b9bc783e340cb523f376942896af
625e7648f13ce472f4d871ba9eff6d958a8cd0a548cdec183ec3d01cc6ab41a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8741ea01-6829-4b7c-a14e-c14c2134d6ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6566
x-amzn-requestid: d4d93654-95f8-4159-ac6a-2f533e9fe980
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKMHraoAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-1b13db672438492e1e63e84d;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YsXkiNYC2MNrAC6FtnFHzfts9nii8uW-sS2w_t0-rr6HJoxjyGFptQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 18612
etag: "9ca921755116b9bc783e340cb523f376942896af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:42:38 GMT
age: 18455
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 06:28:00 GMT
age: 73333
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76499332-7cb2-480e-80ac-e32e75ab50fa.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76499332-7cb2-480e-80ac-e32e75ab50fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 298feae06e52240607d511f44a5c8b59
8c898d7e603b6e710cf3238edf54cb8d2b2cd4cd
f92ee3491c6772a1e8a0a577653f6134999f5b82aa8ea539fb007c04e36ec872
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76499332-7cb2-480e-80ac-e32e75ab50fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8398
x-amzn-requestid: 2d03c942-072b-4a67-a800-dc65787289cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA4oEZLIAMFQ3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b6a-219868c264434b060d18dc3a;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zeyBTIPlQUVzOYobFL_fLUzqFXakHgzB4Ewr5KxLUW8806UQ_VgFzw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:48:13 GMT
age: 18120
etag: "8c898d7e603b6e710cf3238edf54cb8d2b2cd4cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8c1ed79376a3bf9dfc9713189c36039
26ef76be8b675a4eeaf5ee428ee56d1a1181c6af
45f6891db04614dd3309e7951b90fafdac07e57e1932ebda66c852d6f9b65e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f590111-905a-44a3-861d-b8905ff72231.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10719
x-amzn-requestid: 04634220-90c5-403b-a531-c0a984379b33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKNGK0IAMFxrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a41-543f03665ed83c4e63c47c7b;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LTQmBemUPmWSCxl0h3fQagTJ4MWll9KF_j-hWP9M4WvVikdImmwj-Q==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:01 GMT
age: 18612
etag: "26ef76be8b675a4eeaf5ee428ee56d1a1181c6af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/scripts.js
172.106.0.110 200 OK 521 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/scripts.js
IP 172.106.0.110:0
File type ASCII text, with CRLF line terminators
Hash 68c689bae07c6c47593e382c35c12649
46b2254833bbd6d3e01c0ec7668648e107ba8420
586f229a461336e5a4281ef8e1abb082fa977ea90ce9d72aa3942d47dbd01c51
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/scripts.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:11 GMT
content-type: application/javascript
last-modified: Wed, 24 Aug 2022 14:54:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 521
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js
172.106.0.110 200 OK 2.6 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/wow/wow.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (8099)
Hash 84bcd002724af2dd2e7cc6247fb84d17
d97b0313077c8a7d904c15342e314804915c099d
2206a94b5dd8138c89e5a30bad50115903e45978323bef0367eca08ac6843559
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/wow/wow.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2635
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js
172.106.0.110 200 OK 733 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/easing/easing.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (2301)
Hash ebc58a9cdf34a3fb595a609418b88be2
2c6972dc988c4541bd9c61519eaf7ae3f2da39b5
4065193c46b4f3b77d971b12330d77f1b48b5c29755bd814d8ad4cfb36f98356
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/easing/easing.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 733
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js
172.106.0.110 200 OK 2.6 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/waypoints/waypoints.min.js
IP 172.106.0.110:0
File type Unicode text, UTF-8 text, with very long lines (8863)
Hash 9ac7d06d536f08f1b22abc2e4d53f85a
2f7809be662e8b60690e9c93bc57e46ae06e906c
ac26b8d1e1df8be26af42c290e9ecc4bd0afc655f88e6bec2f73e87bf6ca6474
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/waypoints/waypoints.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2592
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js
172.106.0.110 200 OK 908 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/counterup/counterup.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (2182)
Hash de4f314590475ff8b1ec91731b60b304
8d76335b9e0fafb98c18388d2e4e700d87b14550
cd9a483551940c95018c6910936cb4a62150ebf2527a4cc1afd24cbf91bdaa55
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/counterup/counterup.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 908
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/js/main.js
172.106.0.110 200 OK 779 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/js/main.js
IP 172.106.0.110:0
Hash 1f0033d5ff76c016dd85024a852c767f
2b71cb32c4c38675b3b8aa5973ffc3f111ddf4f3
8781b7452972dc5e78df6d316d823f05e678f991108021d1988febeb0d065653
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/js/main.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 779
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91 200 OK 40 kB URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
Hash 77862e8922e5242016a30be04d0424a1
130c34036a4baeeef7dac55256b2d32161bc2af6
2b2b1cfd7db544f60c94469e90cf02fcb9251bd349bcbd5754ed2a29286f8200
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:13 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 247
server: cloudflare
cf-ray: 766afffb8954b523-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
216.58.207.195 200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:29:11 GMT
expires: Thu, 02 Nov 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 458462
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
216.58.207.195 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 22:37:11 GMT
expires: Wed, 01 Nov 2023 22:37:11 GMT
cache-control: public, max-age=31536000
age: 533582
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 03fc468285706210a3ce339d5a223c61
fd32b7fa20b5c53cc2aebc09a3defe4c890f61be
9401d1803a9bac1dd2297405f8cf32dffdc375912ccc1c7bcf884f59a0ed64ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
palmitosicoaraci.com.br/themes/pamar/images/logo/logo.png
172.106.0.110 200 OK 52 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/logo/logo.png
IP 172.106.0.110:0
File type PNG image data, 681 x 235, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ff38b50be9c4081036a08240f084e10
b113bf3caef2b4e0aa8144e6bcfc0dba5da80151
d4dcef6d5f9143e1ede075805a239b57746dcd550744045fe61e23da4fb3c8d2
GET /themes/pamar/images/logo/logo.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 16:50:54 GMT
accept-ranges: bytes
content-length: 52535
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/logo/webmail.png
172.106.0.110 200 OK 17 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/logo/webmail.png
IP 172.106.0.110:0
File type PNG image data, 325 x 326, 8-bit/color RGBA, non-interlaced\012- data
Hash f9bceccef2e7602604af4b53565be874
03a7f99db2f0ba4f4eebaaf7daa38ac5621b3a0f
b4dce868297035a5af660a2ce794dcc52e30ef32d9c8f8b4c4e9187cc3a44f3d
GET /themes/pamar/images/logo/webmail.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 14:27:42 GMT
accept-ranges: bytes
content-length: 17109
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js
172.106.0.110 200 OK 11 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/owlcarousel/owl.carousel.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32000)
Hash 1b649a193df8c648d381cdda8dd268b4
f01dcdb5e3ede69da1d3e8556dcd993f0105b61d
dd2f2af9b8d391f704ec91ab6ef3e32ff56afacc88ba92b8a8834ca562de8bcb
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/owlcarousel/owl.carousel.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10649
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js
172.106.0.110 200 OK 9.1 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment-timezone.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32832), with no line terminators
Hash e78d6807d18576999c3f473824a1537b
c47130cc69b3c51ca0c2334257a3644fb70d78ee
3465ac1cc58e51a4fee9856859cc741f320ddac3f7227725c76f4f3e9c3fd5cb
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/tempusdominus/js/moment-timezone.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9061
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
172.106.0.110 200 OK 12 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (32032)
Hash f5a4db83231fb90dd2430138551be975
839474798fd1ea078dcf0d9810411285b460ac99
b6d7cd25bd81e578b99ec4d6777a08040aeb5d7f2da90bcc654b70d73214f143
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/tempusdominus/js/tempusdominus-bootstrap-4.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11542
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js
172.106.0.110 200 OK 64 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/lib/tempusdominus/js/moment.min.js
IP 172.106.0.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7aab21750c3674e928da71c89b8cabb8
92f2139c3717d4cfd19a8186187d5829174ab58c
71384b81fe6bf962fedb07e3fd60d8538996c34b455a7e918a766739da8de73d
Analyzer Verdict Alert fortinet Phishing
GET /themes/pamar/lib/tempusdominus/js/moment.min.js HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: application/javascript
last-modified: Tue, 15 Feb 2022 05:25:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 63743
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/img/carousel-bg-1.jpg
172.106.0.110 200 OK 114 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/img/carousel-bg-1.jpg
IP 172.106.0.110:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1800x560, components 3\012- data
Size 114 kB (113750 bytes)
Hash 27febaa8ddda88aea4a7ea24b1de7ebb
31de76567f5ad644a21dce243243b0026c852a9c
5016c60014f6e573f58dfd25b9ff3d6293067a328e198bbecae21e05c3687f8f
GET /themes/pamar/img/carousel-bg-1.jpg HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/themes/pamar/css/style.css
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 15 Nov 2022 02:50:12 GMT
content-type: image/jpeg
last-modified: Tue, 23 Aug 2022 18:23:34 GMT
accept-ranges: bytes
content-length: 113750
date: Tue, 08 Nov 2022 02:50:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d9e23a9bac6355d898d29c56c76a7b00
7cb358d9beb843c88c86b5c642a06ea5f5130229
e65a19ba171586388a4c1260cd602e4938f4a0de1fbe4cb622976d11a0615954
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5201
Cache-Control: max-age=104504
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:14 GMT
Etag: "6368a4cd-1d7"
Expires: Wed, 09 Nov 2022 07:51:58 GMT
Last-Modified: Mon, 07 Nov 2022 06:25:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online
104.17.145.91 200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online
IP 104.17.145.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?a=799654661&u=https%3A%2F%2Fpalmitosicoaraci.com.br%2FT-online HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 02:50:14 GMT
content-type: application/javascript
content-length: 0
cache-control: no-cache, private
set-cookie: prism_799654661=536940d0-6366-447f-913b-eef2cbdd30b3; expires=Thu, 08-Dec-2022 02:50:14 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 45
x-powered-by: PHP/7.4.32
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 766afffd09dcb523-OSL
X-Firefox-Spdy: h2
connect.facebook.net/pt_BR/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash fc357f45f44241de4cd271c00f9f6343
54cd5110ed97c862d39e7599a2a22183afe9a334
46d50669e068615b6fc4cd26f72f098aba4136ca4f5a7a41796d29a4000217d9
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: eafd1f43c636b303ca8413a9fe5e4d3e
etag: "6e9fc0bdd2aa14602cd9a87796c0a430"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 08 Nov 2022 03:05:18 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: /DV/RfRCQd5M0nHAD59jQw==
x-fb-debug: E5GggBOBuCDwyutkh1pDFYo05hEzVPLjbfywYd82V9jt9Iswt1UrhUVh2oN7ueU0usAcmdOgrxARCTWyO8tKqQ==
content-length: 1686
x-fb-trip-id: 2074150462
date: Tue, 08 Nov 2022 02:50:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d9e23a9bac6355d898d29c56c76a7b00
7cb358d9beb843c88c86b5c642a06ea5f5130229
e65a19ba171586388a4c1260cd602e4938f4a0de1fbe4cb622976d11a0615954
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4581
Cache-Control: max-age=103884
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 02:50:14 GMT
Etag: "6368a4cd-1d7"
Expires: Wed, 09 Nov 2022 07:41:38 GMT
Last-Modified: Mon, 07 Nov 2022 06:25:17 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 7c467ae9733be2f327f93f1a07471f6e
988de8f8abc20d634cae44d6b0383854d08ce4a0
f68d22764b061afcc5020be4ee77c90f36eef48d3d49acfc63f756af35210de3
GET /pt_BR/sdk.js?hash=c4945207e4537644df0bc8e852aabea4 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://palmitosicoaraci.com.br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ee1dade5a3d4a7568726e512a3e24299
etag: "4c0abe8ad6dc93479035a477aa4c59e5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Nov 2023 02:45:18 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: fEZ66XM74vMn+T8aB0cfbg==
x-fb-debug: vT79/qo3IfEgkq7DBy7oRnq8UnIuLCFNwsgCzkp9/fCTU7buAuuWeIKUuYGWpyxeFgoxUSg/fGeqjXmfo/ZigQ==
content-length: 86934
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 02:50:14 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/favicons/android-icon-192x192.png
172.106.0.110 200 OK 4.0 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/favicons/android-icon-192x192.png
IP 172.106.0.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469), with CRLF, LF line terminators
Hash 10d81bc589594f8e11f22cc80fc9ab93
2381aabeb7826f9c6b16a1f9dd9f9aeda075f8bb
ea359f93a19d5faf1bee962fbbfa5a6a62115d73c56ba8e844e21990d81e2481
GET /themes/pamar/images/favicons/android-icon-192x192.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 4042
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/images/favicons/favicon-16x16.png
172.106.0.110 200 OK 4.0 kB URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/images/favicons/favicon-16x16.png
IP 172.106.0.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469), with CRLF, LF line terminators
Hash c5aea73a955801bd957d50c4b30cdf5e
ffa2eece9daa3e43628138379acae63afba00ffd
f14c9032815ce84cb88881bf0f6ea499235f22befe5838f299db66884799044e
GET /themes/pamar/images/favicons/favicon-16x16.png HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 4035
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
normandy.cdn.mozilla.net/api/v1/
54.230.111.106 200 OK 598 B URL HTTP/1.1 normandy.cdn.mozilla.net/api/v1/
IP 54.230.111.106:0
File type JSON data\012- , ASCII text, with very long lines (598), with no line terminators
Hash 3076f9a5cb273105528b893ff7111e41
b8990c145fe71b9a2410eea41a60a712b43b82bf
69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 598
Connection: keep-alive
Server: nginx
Date: Tue, 08 Nov 2022 02:50:00 GMT
Cache-Control: public, max-age=30
Allow: GET, HEAD, OPTIONS
Content-Security-Policy: object-src 'none'; form-action 'self'; block-all-mixed-content; base-uri 'none'; worker-src 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; frame-src 'none'; report-uri /__cspreport__
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000
Via: 1.1 google, 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
Vary: Accept,Origin
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4NSJeWzniru5X6RiQCeWGupKZtDlBVn8r9gc990AHBxx0plS7gXV5Q==
Age: 16
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df086deaf35652d1b62b909928461b41
9ffd21b8593095e3b5d3fa5569a52baf48f086b1
2aa340651330809c9127a0e718ca2ebf3a68e259281667cb7b4adbe0b7562654
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AA340651330809C9127A0E718CA2EBF3A68E259281667CB7B4ADBE0B7562654"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12821
Expires: Tue, 08 Nov 2022 06:23:57 GMT
Date: Tue, 08 Nov 2022 02:50:16 GMT
Connection: keep-alive
classify-client.services.mozilla.com/api/v1/classify_client/
34.98.75.36 200 OK 64 B URL HTTP/2 classify-client.services.mozilla.com/api/v1/classify_client/
IP 34.98.75.36:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 441dc6d739b18f7e2838ea0d6725e184
f33cf0b917cf6b4ef22a8ad9df546cc711964e16
3ffaf47cb53e86ffd233a988d1b5dca10c93b6015c614a727cdddddaa3ce738c
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 02:50:17 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/normandy.content-signature.mozilla.org-2022-12-09-20-33-59.chain?cachebust=2017-06-13-21-06
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/normandy.content-signature.mozilla.org-2022-12-09-20-33-59.chain?cachebust=2017-06-13-21-06
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9fb00ac120ffbc3b42a59dc2985bbc7e
ab48f0eb2dc9f9bc58eb42c02016dc5b72b06323
56c65fc9bf0ff19c3abad88491469241ca4a9a03d01f0aa9b9856a65693fdfab
GET /chains/normandy.content-signature.mozilla.org-2022-12-09-20-33-59.chain?cachebust=2017-06-13-21-06 HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Y/tPUs+5dvYbYV7L2N006MqPLIiKl9LYi8HPZEpBWgwpx07FcLsbIyxa+hQdzgBlFV50uVgXpN8=
x-amz-request-id: 400ZA9VQNMM7ZARH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5327
via: 1.1 google
date: Tue, 08 Nov 2022 02:17:36 GMT
age: 1961
last-modified: Thu, 20 Oct 2022 20:34:00 GMT
etag: "9fb00ac120ffbc3b42a59dc2985bbc7e"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
palmitosicoaraci.com.br/themes/pamar/assets/images/pag-top-bg.jpg
172.106.0.110 200 OK 0 B URL HTTP/2 palmitosicoaraci.com.br/themes/pamar/assets/images/pag-top-bg.jpg
IP 172.106.0.110:0
GET /themes/pamar/assets/images/pag-top-bg.jpg HTTP/1.1
Host: palmitosicoaraci.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/T-online
Cookie: PHPSESSID=643ec84876fe7339ecaf9e18eb7029a7; userView=palmitos
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 02:50:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap
IP 142.250.74.10:0
GET /css2?family=Barlow:wght@600;700&family=Ubuntu:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://palmitosicoaraci.com.br/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 02:50:11 GMT
date: Tue, 08 Nov 2022 02:50:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2